--- /dev/null
+From 7aa135fcf26377f92dc0680a57566b4c7f3e281b Mon Sep 17 00:00:00 2001
+From: Martijn Coenen <maco@android.com>
+Date: Wed, 28 Mar 2018 11:14:50 +0200
+Subject: ANDROID: binder: prevent transactions into own process.
+
+From: Martijn Coenen <maco@android.com>
+
+commit 7aa135fcf26377f92dc0680a57566b4c7f3e281b upstream.
+
+This can't happen with normal nodes (because you can't get a ref
+to a node you own), but it could happen with the context manager;
+to make the behavior consistent with regular nodes, reject
+transactions into the context manager by the process owning it.
+
+Reported-by: syzbot+09e05aba06723a94d43d@syzkaller.appspotmail.com
+Signed-off-by: Martijn Coenen <maco@android.com>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/android/binder.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/drivers/android/binder.c
++++ b/drivers/android/binder.c
+@@ -2785,6 +2785,14 @@ static void binder_transaction(struct bi
+ else
+ return_error = BR_DEAD_REPLY;
+ mutex_unlock(&context->context_mgr_node_lock);
++ if (target_node && target_proc == proc) {
++ binder_user_error("%d:%d got transaction to context manager from process owning it\n",
++ proc->pid, thread->pid);
++ return_error = BR_FAILED_REPLY;
++ return_error_param = -EINVAL;
++ return_error_line = __LINE__;
++ goto err_invalid_target_handle;
++ }
+ }
+ if (!target_node) {
+ /*
--- /dev/null
+From d2ffed5185df9d8d9ccd150e4340e3b6f96a8381 Mon Sep 17 00:00:00 2001
+From: Geert Uytterhoeven <geert+renesas@glider.be>
+Date: Tue, 10 Apr 2018 15:21:45 +0200
+Subject: ARM: amba: Don't read past the end of sysfs "driver_override" buffer
+
+From: Geert Uytterhoeven <geert+renesas@glider.be>
+
+commit d2ffed5185df9d8d9ccd150e4340e3b6f96a8381 upstream.
+
+When printing the driver_override parameter when it is 4095 and 4094
+bytes long, the printing code would access invalid memory because we
+need count + 1 bytes for printing.
+
+Cfr. commits 4efe874aace57dba ("PCI: Don't read past the end of sysfs
+"driver_override" buffer") and bf563b01c2895a4b ("driver core: platform:
+Don't read past the end of "driver_override" buffer").
+
+Fixes: 3cf385713460eb2b ("ARM: 8256/1: driver coamba: add device binding path 'driver_override'")
+Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
+Reviewed-by: Todd Kjos <tkjos@google.com>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/amba/bus.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/drivers/amba/bus.c
++++ b/drivers/amba/bus.c
+@@ -84,7 +84,8 @@ static ssize_t driver_override_store(str
+ struct amba_device *dev = to_amba_device(_dev);
+ char *driver_override, *old, *cp;
+
+- if (count > PATH_MAX)
++ /* We need to keep extra room for a newline */
++ if (count >= (PAGE_SIZE - 1))
+ return -EINVAL;
+
+ driver_override = kstrndup(buf, count, GFP_KERNEL);
--- /dev/null
+From 6a7228d90d42bcacfe38786756ba62762b91c20a Mon Sep 17 00:00:00 2001
+From: Geert Uytterhoeven <geert+renesas@glider.be>
+Date: Tue, 10 Apr 2018 15:21:44 +0200
+Subject: ARM: amba: Fix race condition with driver_override
+
+From: Geert Uytterhoeven <geert+renesas@glider.be>
+
+commit 6a7228d90d42bcacfe38786756ba62762b91c20a upstream.
+
+The driver_override implementation is susceptible to a race condition
+when different threads are reading vs storing a different driver
+override. Add locking to avoid this race condition.
+
+Cfr. commits 6265539776a0810b ("driver core: platform: fix race
+condition with driver_override") and 9561475db680f714 ("PCI: Fix race
+condition with driver_override").
+
+Fixes: 3cf385713460eb2b ("ARM: 8256/1: driver coamba: add device binding path 'driver_override'")
+Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
+Reviewed-by: Todd Kjos <tkjos@google.com>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/amba/bus.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+--- a/drivers/amba/bus.c
++++ b/drivers/amba/bus.c
+@@ -69,8 +69,12 @@ static ssize_t driver_override_show(stru
+ struct device_attribute *attr, char *buf)
+ {
+ struct amba_device *dev = to_amba_device(_dev);
++ ssize_t len;
+
+- return sprintf(buf, "%s\n", dev->driver_override);
++ device_lock(_dev);
++ len = sprintf(buf, "%s\n", dev->driver_override);
++ device_unlock(_dev);
++ return len;
+ }
+
+ static ssize_t driver_override_store(struct device *_dev,
+@@ -78,7 +82,7 @@ static ssize_t driver_override_store(str
+ const char *buf, size_t count)
+ {
+ struct amba_device *dev = to_amba_device(_dev);
+- char *driver_override, *old = dev->driver_override, *cp;
++ char *driver_override, *old, *cp;
+
+ if (count > PATH_MAX)
+ return -EINVAL;
+@@ -91,12 +95,15 @@ static ssize_t driver_override_store(str
+ if (cp)
+ *cp = '\0';
+
++ device_lock(_dev);
++ old = dev->driver_override;
+ if (strlen(driver_override)) {
+ dev->driver_override = driver_override;
+ } else {
+ kfree(driver_override);
+ dev->driver_override = NULL;
+ }
++ device_unlock(_dev);
+
+ kfree(old);
+
--- /dev/null
+From 5f53624662eaac89598641cee6cd54fc192572d9 Mon Sep 17 00:00:00 2001
+From: Geert Uytterhoeven <geert+renesas@glider.be>
+Date: Tue, 10 Apr 2018 15:21:43 +0200
+Subject: ARM: amba: Make driver_override output consistent with other buses
+
+From: Geert Uytterhoeven <geert+renesas@glider.be>
+
+commit 5f53624662eaac89598641cee6cd54fc192572d9 upstream.
+
+For AMBA devices with unconfigured driver override, the
+"driver_override" sysfs virtual file is empty, while it contains
+"(null)" for platform and PCI devices.
+
+Make AMBA consistent with other buses by dropping the test for a NULL
+pointer.
+
+Note that contrary to popular belief, sprintf() handles NULL pointers
+fine; they are printed as "(null)".
+
+Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
+Cc: stable <stable@vger.kernel.org>
+Reviewed-by: Todd Kjos <tkjos@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/amba/bus.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+--- a/drivers/amba/bus.c
++++ b/drivers/amba/bus.c
+@@ -70,9 +70,6 @@ static ssize_t driver_override_show(stru
+ {
+ struct amba_device *dev = to_amba_device(_dev);
+
+- if (!dev->driver_override)
+- return 0;
+-
+ return sprintf(buf, "%s\n", dev->driver_override);
+ }
+
--- /dev/null
+From 6e8fe39989720b87439fee7817a5ca362b16d931 Mon Sep 17 00:00:00 2001
+From: Thor Thayer <thor.thayer@linux.intel.com>
+Date: Mon, 26 Mar 2018 14:50:00 -0500
+Subject: ARM: socfpga_defconfig: Remove QSPI Sector 4K size force
+
+From: Thor Thayer <thor.thayer@linux.intel.com>
+
+commit 6e8fe39989720b87439fee7817a5ca362b16d931 upstream.
+
+Remove QSPI Sector 4K size force which is causing QSPI boot
+problems with the JFFS2 root filesystem.
+
+Fixes the following error:
+ "Magic bitmask 0x1985 not found at ..."
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Thor Thayer <thor.thayer@linux.intel.com>
+Signed-off-by: Dinh Nguyen <dinguyen@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/configs/socfpga_defconfig | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/arm/configs/socfpga_defconfig
++++ b/arch/arm/configs/socfpga_defconfig
+@@ -57,6 +57,7 @@ CONFIG_MTD_M25P80=y
+ CONFIG_MTD_NAND=y
+ CONFIG_MTD_NAND_DENALI_DT=y
+ CONFIG_MTD_SPI_NOR=y
++# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
+ CONFIG_SPI_CADENCE_QUADSPI=y
+ CONFIG_OF_OVERLAY=y
+ CONFIG_OF_CONFIGFS=y
--- /dev/null
+From c656941df9bc80f7ec65b92ca73c42f8b0b62628 Mon Sep 17 00:00:00 2001
+From: Nicolin Chen <nicoleotsuka@gmail.com>
+Date: Sun, 8 Apr 2018 16:57:35 -0700
+Subject: ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
+
+From: Nicolin Chen <nicoleotsuka@gmail.com>
+
+commit c656941df9bc80f7ec65b92ca73c42f8b0b62628 upstream.
+
+When the desired ratio is less than 256, the savesub (tolerance)
+in the calculation would become 0. This will then fail the loop-
+search immediately without reporting any errors.
+
+But if the ratio is smaller enough, there is no need to calculate
+the tolerance because PM divisor alone is enough to get the ratio.
+
+So a simple fix could be just to set PM directly instead of going
+into the loop-search.
+
+Reported-by: Marek Vasut <marex@denx.de>
+Signed-off-by: Nicolin Chen <nicoleotsuka@gmail.com>
+Tested-by: Marek Vasut <marex@denx.de>
+Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
+Signed-off-by: Mark Brown <broonie@kernel.org>
+Cc: stable@vger.kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ sound/soc/fsl/fsl_esai.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+--- a/sound/soc/fsl/fsl_esai.c
++++ b/sound/soc/fsl/fsl_esai.c
+@@ -144,6 +144,13 @@ static int fsl_esai_divisor_cal(struct s
+
+ psr = ratio <= 256 * maxfp ? ESAI_xCCR_xPSR_BYPASS : ESAI_xCCR_xPSR_DIV8;
+
++ /* Do not loop-search if PM (1 ~ 256) alone can serve the ratio */
++ if (ratio <= 256) {
++ pm = ratio;
++ fp = 1;
++ goto out;
++ }
++
+ /* Set the max fluctuation -- 0.1% of the max devisor */
+ savesub = (psr ? 1 : 8) * 256 * maxfp / 1000;
+
--- /dev/null
+From c0f7f5b6c69107ca92909512533e70258ee19188 Mon Sep 17 00:00:00 2001
+From: Shilpasri G Bhat <shilpa.bhat@linux.vnet.ibm.com>
+Date: Wed, 25 Apr 2018 16:29:31 +0530
+Subject: cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer interrupt
+
+From: Shilpasri G Bhat <shilpa.bhat@linux.vnet.ibm.com>
+
+commit c0f7f5b6c69107ca92909512533e70258ee19188 upstream.
+
+gpstate_timer_handler() uses synchronous smp_call to set the pstate
+on the requested core. This causes the below hard lockup:
+
+ smp_call_function_single+0x110/0x180 (unreliable)
+ smp_call_function_any+0x180/0x250
+ gpstate_timer_handler+0x1e8/0x580
+ call_timer_fn+0x50/0x1c0
+ expire_timers+0x138/0x1f0
+ run_timer_softirq+0x1e8/0x270
+ __do_softirq+0x158/0x3e4
+ irq_exit+0xe8/0x120
+ timer_interrupt+0x9c/0xe0
+ decrementer_common+0x114/0x120
+ -- interrupt: 901 at doorbell_global_ipi+0x34/0x50
+ LR = arch_send_call_function_ipi_mask+0x120/0x130
+ arch_send_call_function_ipi_mask+0x4c/0x130
+ smp_call_function_many+0x340/0x450
+ pmdp_invalidate+0x98/0xe0
+ change_huge_pmd+0xe0/0x270
+ change_protection_range+0xb88/0xe40
+ mprotect_fixup+0x140/0x340
+ SyS_mprotect+0x1b4/0x350
+ system_call+0x58/0x6c
+
+One way to avoid this is removing the smp-call. We can ensure that the
+timer always runs on one of the policy-cpus. If the timer gets
+migrated to a cpu outside the policy then re-queue it back on the
+policy->cpus. This way we can get rid of the smp-call which was being
+used to set the pstate on the policy->cpus.
+
+Fixes: 7bc54b652f13 ("timers, cpufreq/powernv: Initialize the gpstate timer as pinned")
+Cc: stable@vger.kernel.org # v4.8+
+Reported-by: Nicholas Piggin <npiggin@gmail.com>
+Reported-by: Pridhiviraj Paidipeddi <ppaidipe@linux.vnet.ibm.com>
+Signed-off-by: Shilpasri G Bhat <shilpa.bhat@linux.vnet.ibm.com>
+Acked-by: Nicholas Piggin <npiggin@gmail.com>
+Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
+Acked-by: Vaidyanathan Srinivasan <svaidy@linux.vnet.ibm.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/cpufreq/powernv-cpufreq.c | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+--- a/drivers/cpufreq/powernv-cpufreq.c
++++ b/drivers/cpufreq/powernv-cpufreq.c
+@@ -646,6 +646,16 @@ void gpstate_timer_handler(unsigned long
+
+ if (!spin_trylock(&gpstates->gpstate_lock))
+ return;
++ /*
++ * If the timer has migrated to the different cpu then bring
++ * it back to one of the policy->cpus
++ */
++ if (!cpumask_test_cpu(raw_smp_processor_id(), policy->cpus)) {
++ gpstates->timer.expires = jiffies + msecs_to_jiffies(1);
++ add_timer_on(&gpstates->timer, cpumask_first(policy->cpus));
++ spin_unlock(&gpstates->gpstate_lock);
++ return;
++ }
+
+ /*
+ * If PMCR was last updated was using fast_swtich then
+@@ -685,10 +695,8 @@ void gpstate_timer_handler(unsigned long
+ if (gpstate_idx != gpstates->last_lpstate_idx)
+ queue_gpstate_timer(gpstates);
+
++ set_pstate(&freq_data);
+ spin_unlock(&gpstates->gpstate_lock);
+-
+- /* Timer may get migrated to a different cpu on cpu hot unplug */
+- smp_call_function_any(policy->cpus, set_pstate, &freq_data, 1);
+ }
+
+ /*
--- /dev/null
+From eea0d3ea7546961f69f55b26714ac8fd71c7c020 Mon Sep 17 00:00:00 2001
+From: Stephan Mueller <smueller@chronox.de>
+Date: Thu, 12 Apr 2018 08:40:55 +0200
+Subject: crypto: drbg - set freed buffers to NULL
+
+From: Stephan Mueller <smueller@chronox.de>
+
+commit eea0d3ea7546961f69f55b26714ac8fd71c7c020 upstream.
+
+During freeing of the internal buffers used by the DRBG, set the pointer
+to NULL. It is possible that the context with the freed buffers is
+reused. In case of an error during initialization where the pointers
+do not yet point to allocated memory, the NULL value prevents a double
+free.
+
+Cc: stable@vger.kernel.org
+Fixes: 3cfc3b9721123 ("crypto: drbg - use aligned buffers")
+Signed-off-by: Stephan Mueller <smueller@chronox.de>
+Reported-by: syzbot+75397ee3df5c70164154@syzkaller.appspotmail.com
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/drbg.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/crypto/drbg.c
++++ b/crypto/drbg.c
+@@ -1134,8 +1134,10 @@ static inline void drbg_dealloc_state(st
+ if (!drbg)
+ return;
+ kzfree(drbg->Vbuf);
++ drbg->Vbuf = NULL;
+ drbg->V = NULL;
+ kzfree(drbg->Cbuf);
++ drbg->Cbuf = NULL;
+ drbg->C = NULL;
+ kzfree(drbg->scratchpadbuf);
+ drbg->scratchpadbuf = NULL;
--- /dev/null
+From 75569c182e4f65cd8826a5853dc9cbca703cbd0e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Nicolai=20H=C3=A4hnle?= <nicolai.haehnle@amd.com>
+Date: Thu, 12 Apr 2018 16:34:19 +0200
+Subject: drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Nicolai Hähnle <nicolai.haehnle@amd.com>
+
+commit 75569c182e4f65cd8826a5853dc9cbca703cbd0e upstream.
+
+Otherwise, the SQ may skip some of the register writes, or shader waves may
+be allocated where we don't expect them, so that as a result we don't actually
+reset all of the register SRAMs. This can lead to spurious ECC errors later on
+if a shader uses an uninitialized register.
+
+Signed-off-by: Nicolai Hähnle <nicolai.haehnle@amd.com>
+Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
+Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+--- a/drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c
++++ b/drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c
+@@ -1398,10 +1398,11 @@ static const u32 sgpr_init_compute_shade
+ static const u32 vgpr_init_regs[] =
+ {
+ mmCOMPUTE_STATIC_THREAD_MGMT_SE0, 0xffffffff,
+- mmCOMPUTE_RESOURCE_LIMITS, 0,
++ mmCOMPUTE_RESOURCE_LIMITS, 0x1000000, /* CU_GROUP_COUNT=1 */
+ mmCOMPUTE_NUM_THREAD_X, 256*4,
+ mmCOMPUTE_NUM_THREAD_Y, 1,
+ mmCOMPUTE_NUM_THREAD_Z, 1,
++ mmCOMPUTE_PGM_RSRC1, 0x100004f, /* VGPRS=15 (64 logical VGPRs), SGPRS=1 (16 SGPRs), BULKY=1 */
+ mmCOMPUTE_PGM_RSRC2, 20,
+ mmCOMPUTE_USER_DATA_0, 0xedcedc00,
+ mmCOMPUTE_USER_DATA_1, 0xedcedc01,
+@@ -1418,10 +1419,11 @@ static const u32 vgpr_init_regs[] =
+ static const u32 sgpr1_init_regs[] =
+ {
+ mmCOMPUTE_STATIC_THREAD_MGMT_SE0, 0x0f,
+- mmCOMPUTE_RESOURCE_LIMITS, 0x1000000,
++ mmCOMPUTE_RESOURCE_LIMITS, 0x1000000, /* CU_GROUP_COUNT=1 */
+ mmCOMPUTE_NUM_THREAD_X, 256*5,
+ mmCOMPUTE_NUM_THREAD_Y, 1,
+ mmCOMPUTE_NUM_THREAD_Z, 1,
++ mmCOMPUTE_PGM_RSRC1, 0x240, /* SGPRS=9 (80 GPRS) */
+ mmCOMPUTE_PGM_RSRC2, 20,
+ mmCOMPUTE_USER_DATA_0, 0xedcedc00,
+ mmCOMPUTE_USER_DATA_1, 0xedcedc01,
+@@ -1442,6 +1444,7 @@ static const u32 sgpr2_init_regs[] =
+ mmCOMPUTE_NUM_THREAD_X, 256*5,
+ mmCOMPUTE_NUM_THREAD_Y, 1,
+ mmCOMPUTE_NUM_THREAD_Z, 1,
++ mmCOMPUTE_PGM_RSRC1, 0x240, /* SGPRS=9 (80 GPRS) */
+ mmCOMPUTE_PGM_RSRC2, 20,
+ mmCOMPUTE_USER_DATA_0, 0xedcedc00,
+ mmCOMPUTE_USER_DATA_1, 0xedcedc01,
--- /dev/null
+From ac315c621f01d4b8a53dec317c7ae322fd26ff38 Mon Sep 17 00:00:00 2001
+From: Imre Deak <imre.deak@intel.com>
+Date: Thu, 19 Apr 2018 18:51:09 +0300
+Subject: drm/i915: Enable display WA#1183 from its correct spot
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Imre Deak <imre.deak@intel.com>
+
+commit ac315c621f01d4b8a53dec317c7ae322fd26ff38 upstream.
+
+The DMC FW specific part of display WA#1183 is supposed to be enabled
+whenever enabling DC5 or DC6, so move it to the DC6 enable function
+from the DC6 disable function.
+
+I noticed this after Daniel's patch to remove the unused
+skl_disable_dc6() function.
+
+Fixes: 53421c2fe99c ("drm/i915: Apply Display WA #1183 on skl, kbl, and cfl")
+Cc: Lucas De Marchi <lucas.demarchi@intel.com>
+Cc: Rodrigo Vivi <rodrigo.vivi@intel.com>
+Cc: Ville Syrjälä <ville.syrjala@linux.intel.com>
+Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Imre Deak <imre.deak@intel.com>
+Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
+Link: https://patchwork.freedesktop.org/patch/msgid/20180419155109.29451-1-imre.deak@intel.com
+(cherry picked from commit b49be6622f08187129561cff0409f7b06b33de57)
+Signed-off-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/gpu/drm/i915/intel_runtime_pm.c | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+--- a/drivers/gpu/drm/i915/intel_runtime_pm.c
++++ b/drivers/gpu/drm/i915/intel_runtime_pm.c
+@@ -622,19 +622,18 @@ void skl_enable_dc6(struct drm_i915_priv
+
+ DRM_DEBUG_KMS("Enabling DC6\n");
+
+- gen9_set_dc_state(dev_priv, DC_STATE_EN_UPTO_DC6);
++ /* Wa Display #1183: skl,kbl,cfl */
++ if (IS_GEN9_BC(dev_priv))
++ I915_WRITE(GEN8_CHICKEN_DCPR_1, I915_READ(GEN8_CHICKEN_DCPR_1) |
++ SKL_SELECT_ALTERNATE_DC_EXIT);
+
++ gen9_set_dc_state(dev_priv, DC_STATE_EN_UPTO_DC6);
+ }
+
+ void skl_disable_dc6(struct drm_i915_private *dev_priv)
+ {
+ DRM_DEBUG_KMS("Disabling DC6\n");
+
+- /* Wa Display #1183: skl,kbl,cfl */
+- if (IS_GEN9_BC(dev_priv))
+- I915_WRITE(GEN8_CHICKEN_DCPR_1, I915_READ(GEN8_CHICKEN_DCPR_1) |
+- SKL_SELECT_ALTERNATE_DC_EXIT);
+-
+ gen9_set_dc_state(dev_priv, DC_STATE_DISABLE);
+ }
+
--- /dev/null
+From dd709e72cb934eefd44de8d9969097173fbf45dc Mon Sep 17 00:00:00 2001
+From: Daniel Kurtz <djkurtz@chromium.org>
+Date: Fri, 6 Apr 2018 17:21:53 -0600
+Subject: earlycon: Use a pointer table to fix __earlycon_table stride
+
+From: Daniel Kurtz <djkurtz@chromium.org>
+
+commit dd709e72cb934eefd44de8d9969097173fbf45dc upstream.
+
+Commit 99492c39f39f ("earlycon: Fix __earlycon_table stride") tried to fix
+__earlycon_table stride by forcing the earlycon_id struct alignment to 32
+and asking the linker to 32-byte align the __earlycon_table symbol. This
+fix was based on commit 07fca0e57fca92 ("tracing: Properly align linker
+defined symbols") which tried a similar fix for the tracing subsystem.
+
+However, this fix doesn't quite work because there is no guarantee that
+gcc will place structures packed into an array format. In fact, gcc 4.9
+chooses to 64-byte align these structs by inserting additional padding
+between the entries because it has no clue that they are supposed to be in
+an array. If we are unlucky, the linker will assign symbol
+"__earlycon_table" to a 32-byte aligned address which does not correspond
+to the 64-byte aligned contents of section "__earlycon_table".
+
+To address this same problem, the fix to the tracing system was
+subsequently re-implemented using a more robust table of pointers approach
+by commits:
+ 3d56e331b653 ("tracing: Replace syscall_meta_data struct array with pointer array")
+ 654986462939 ("tracepoints: Fix section alignment using pointer array")
+ e4a9ea5ee7c8 ("tracing: Replace trace_event struct array with pointer array")
+
+Let's use this same "array of pointers to structs" approach for
+EARLYCON_TABLE.
+
+Fixes: 99492c39f39f ("earlycon: Fix __earlycon_table stride")
+Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
+Suggested-by: Aaron Durbin <adurbin@chromium.org>
+Reviewed-by: Rob Herring <robh@kernel.org>
+Tested-by: Guenter Roeck <groeck@chromium.org>
+Reviewed-by: Guenter Roeck <groeck@chromium.org>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/of/fdt.c | 7 +++++--
+ drivers/tty/serial/earlycon.c | 6 ++++--
+ include/asm-generic/vmlinux.lds.h | 2 +-
+ include/linux/serial_core.h | 21 ++++++++++++++-------
+ 4 files changed, 24 insertions(+), 12 deletions(-)
+
+--- a/drivers/of/fdt.c
++++ b/drivers/of/fdt.c
+@@ -975,7 +975,7 @@ int __init early_init_dt_scan_chosen_std
+ int offset;
+ const char *p, *q, *options = NULL;
+ int l;
+- const struct earlycon_id *match;
++ const struct earlycon_id **p_match;
+ const void *fdt = initial_boot_params;
+
+ offset = fdt_path_offset(fdt, "/chosen");
+@@ -1002,7 +1002,10 @@ int __init early_init_dt_scan_chosen_std
+ return 0;
+ }
+
+- for (match = __earlycon_table; match < __earlycon_table_end; match++) {
++ for (p_match = __earlycon_table; p_match < __earlycon_table_end;
++ p_match++) {
++ const struct earlycon_id *match = *p_match;
++
+ if (!match->compatible[0])
+ continue;
+
+--- a/drivers/tty/serial/earlycon.c
++++ b/drivers/tty/serial/earlycon.c
+@@ -172,7 +172,7 @@ static int __init register_earlycon(char
+ */
+ int __init setup_earlycon(char *buf)
+ {
+- const struct earlycon_id *match;
++ const struct earlycon_id **p_match;
+
+ if (!buf || !buf[0])
+ return -EINVAL;
+@@ -180,7 +180,9 @@ int __init setup_earlycon(char *buf)
+ if (early_con.flags & CON_ENABLED)
+ return -EALREADY;
+
+- for (match = __earlycon_table; match < __earlycon_table_end; match++) {
++ for (p_match = __earlycon_table; p_match < __earlycon_table_end;
++ p_match++) {
++ const struct earlycon_id *match = *p_match;
+ size_t len = strlen(match->name);
+
+ if (strncmp(buf, match->name, len))
+--- a/include/asm-generic/vmlinux.lds.h
++++ b/include/asm-generic/vmlinux.lds.h
+@@ -170,7 +170,7 @@
+ #endif
+
+ #ifdef CONFIG_SERIAL_EARLYCON
+-#define EARLYCON_TABLE() STRUCT_ALIGN(); \
++#define EARLYCON_TABLE() . = ALIGN(8); \
+ VMLINUX_SYMBOL(__earlycon_table) = .; \
+ KEEP(*(__earlycon_table)) \
+ VMLINUX_SYMBOL(__earlycon_table_end) = .;
+--- a/include/linux/serial_core.h
++++ b/include/linux/serial_core.h
+@@ -351,10 +351,10 @@ struct earlycon_id {
+ char name[16];
+ char compatible[128];
+ int (*setup)(struct earlycon_device *, const char *options);
+-} __aligned(32);
++};
+
+-extern const struct earlycon_id __earlycon_table[];
+-extern const struct earlycon_id __earlycon_table_end[];
++extern const struct earlycon_id *__earlycon_table[];
++extern const struct earlycon_id *__earlycon_table_end[];
+
+ #if defined(CONFIG_SERIAL_EARLYCON) && !defined(MODULE)
+ #define EARLYCON_USED_OR_UNUSED __used
+@@ -362,12 +362,19 @@ extern const struct earlycon_id __earlyc
+ #define EARLYCON_USED_OR_UNUSED __maybe_unused
+ #endif
+
+-#define OF_EARLYCON_DECLARE(_name, compat, fn) \
+- static const struct earlycon_id __UNIQUE_ID(__earlycon_##_name) \
+- EARLYCON_USED_OR_UNUSED __section(__earlycon_table) \
++#define _OF_EARLYCON_DECLARE(_name, compat, fn, unique_id) \
++ static const struct earlycon_id unique_id \
++ EARLYCON_USED_OR_UNUSED __initconst \
+ = { .name = __stringify(_name), \
+ .compatible = compat, \
+- .setup = fn }
++ .setup = fn }; \
++ static const struct earlycon_id EARLYCON_USED_OR_UNUSED \
++ __section(__earlycon_table) \
++ * const __PASTE(__p, unique_id) = &unique_id
++
++#define OF_EARLYCON_DECLARE(_name, compat, fn) \
++ _OF_EARLYCON_DECLARE(_name, compat, fn, \
++ __UNIQUE_ID(__earlycon_##_name))
+
+ #define EARLYCON_DECLARE(_name, fn) OF_EARLYCON_DECLARE(_name, "", fn)
+
--- /dev/null
+From 881c93c0fb73328845898344208fa0bf0d62cac6 Mon Sep 17 00:00:00 2001
+From: Anatolij Gustschin <agust@denx.de>
+Date: Sun, 15 Apr 2018 11:33:08 -0700
+Subject: fpga-manager: altera-ps-spi: preserve nCONFIG state
+
+From: Anatolij Gustschin <agust@denx.de>
+
+commit 881c93c0fb73328845898344208fa0bf0d62cac6 upstream.
+
+If the driver module is loaded when FPGA is configured, the FPGA
+is reset because nconfig is pulled low (low-active gpio inited
+with GPIOD_OUT_HIGH activates the signal which means setting its
+value to low). Init nconfig with GPIOD_OUT_LOW to prevent this.
+
+Signed-off-by: Anatolij Gustschin <agust@denx.de>
+Acked-by: Alan Tull <atull@kernel.org>
+Signed-off-by: Moritz Fischer <mdf@kernel.org>
+Cc: stable <stable@vger.kernel.org> # 4.14+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/fpga/altera-ps-spi.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/fpga/altera-ps-spi.c
++++ b/drivers/fpga/altera-ps-spi.c
+@@ -249,7 +249,7 @@ static int altera_ps_probe(struct spi_de
+
+ conf->data = of_id->data;
+ conf->spi = spi;
+- conf->config = devm_gpiod_get(&spi->dev, "nconfig", GPIOD_OUT_HIGH);
++ conf->config = devm_gpiod_get(&spi->dev, "nconfig", GPIOD_OUT_LOW);
+ if (IS_ERR(conf->config)) {
+ dev_err(&spi->dev, "Failed to get config gpio: %ld\n",
+ PTR_ERR(conf->config));
--- /dev/null
+From f0cf47d939d0b4b4f660c5aaa4276fa3488f3391 Mon Sep 17 00:00:00 2001
+From: Marc Zyngier <marc.zyngier@arm.com>
+Date: Wed, 4 Apr 2018 14:48:24 +0100
+Subject: KVM: arm/arm64: Close VMID generation race
+
+From: Marc Zyngier <marc.zyngier@arm.com>
+
+commit f0cf47d939d0b4b4f660c5aaa4276fa3488f3391 upstream.
+
+Before entering the guest, we check whether our VMID is still
+part of the current generation. In order to avoid taking a lock,
+we start with checking that the generation is still current, and
+only if not current do we take the lock, recheck, and update the
+generation and VMID.
+
+This leaves open a small race: A vcpu can bump up the global
+generation number as well as the VM's, but has not updated
+the VMID itself yet.
+
+At that point another vcpu from the same VM comes in, checks
+the generation (and finds it not needing anything), and jumps
+into the guest. At this point, we end-up with two vcpus belonging
+to the same VM running with two different VMIDs. Eventually, the
+VMID used by the second vcpu will get reassigned, and things will
+really go wrong...
+
+A simple solution would be to drop this initial check, and always take
+the lock. This is likely to cause performance issues. A middle ground
+is to convert the spinlock to a rwlock, and only take the read lock
+on the fast path. If the check fails at that point, drop it and
+acquire the write lock, rechecking the condition.
+
+This ensures that the above scenario doesn't occur.
+
+Cc: stable@vger.kernel.org
+Reported-by: Mark Rutland <mark.rutland@arm.com>
+Tested-by: Shannon Zhao <zhaoshenglong@huawei.com>
+Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ virt/kvm/arm/arm.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+--- a/virt/kvm/arm/arm.c
++++ b/virt/kvm/arm/arm.c
+@@ -61,7 +61,7 @@ static DEFINE_PER_CPU(struct kvm_vcpu *,
+ static atomic64_t kvm_vmid_gen = ATOMIC64_INIT(1);
+ static u32 kvm_next_vmid;
+ static unsigned int kvm_vmid_bits __read_mostly;
+-static DEFINE_SPINLOCK(kvm_vmid_lock);
++static DEFINE_RWLOCK(kvm_vmid_lock);
+
+ static bool vgic_present;
+
+@@ -462,11 +462,16 @@ static void update_vttbr(struct kvm *kvm
+ {
+ phys_addr_t pgd_phys;
+ u64 vmid;
++ bool new_gen;
+
+- if (!need_new_vmid_gen(kvm))
++ read_lock(&kvm_vmid_lock);
++ new_gen = need_new_vmid_gen(kvm);
++ read_unlock(&kvm_vmid_lock);
++
++ if (!new_gen)
+ return;
+
+- spin_lock(&kvm_vmid_lock);
++ write_lock(&kvm_vmid_lock);
+
+ /*
+ * We need to re-check the vmid_gen here to ensure that if another vcpu
+@@ -474,7 +479,7 @@ static void update_vttbr(struct kvm *kvm
+ * use the same vmid.
+ */
+ if (!need_new_vmid_gen(kvm)) {
+- spin_unlock(&kvm_vmid_lock);
++ write_unlock(&kvm_vmid_lock);
+ return;
+ }
+
+@@ -508,7 +513,7 @@ static void update_vttbr(struct kvm *kvm
+ vmid = ((u64)(kvm->arch.vmid) << VTTBR_VMID_SHIFT) & VTTBR_VMID_MASK(kvm_vmid_bits);
+ kvm->arch.vttbr = pgd_phys | vmid;
+
+- spin_unlock(&kvm_vmid_lock);
++ write_unlock(&kvm_vmid_lock);
+ }
+
+ static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu)
--- /dev/null
+From 7b4c443d139f1d2b5570da475f7a9cbcef86740c Mon Sep 17 00:00:00 2001
+From: Ilya Dryomov <idryomov@gmail.com>
+Date: Mon, 23 Apr 2018 15:25:10 +0200
+Subject: libceph: reschedule a tick in finish_hunting()
+
+From: Ilya Dryomov <idryomov@gmail.com>
+
+commit 7b4c443d139f1d2b5570da475f7a9cbcef86740c upstream.
+
+If we go without an established session for a while, backoff delay will
+climb to 30 seconds. The keepalive timeout is also 30 seconds, so it's
+pretty easily hit after a prolonged hunting for a monitor: we don't get
+a chance to send out a keepalive in time, which means we never get back
+a keepalive ack in time, cutting an established session and attempting
+to connect to a different monitor every 30 seconds:
+
+ [Sun Apr 1 23:37:05 2018] libceph: mon0 10.80.20.99:6789 session established
+ [Sun Apr 1 23:37:36 2018] libceph: mon0 10.80.20.99:6789 session lost, hunting for new mon
+ [Sun Apr 1 23:37:36 2018] libceph: mon2 10.80.20.103:6789 session established
+ [Sun Apr 1 23:38:07 2018] libceph: mon2 10.80.20.103:6789 session lost, hunting for new mon
+ [Sun Apr 1 23:38:07 2018] libceph: mon1 10.80.20.100:6789 session established
+ [Sun Apr 1 23:38:37 2018] libceph: mon1 10.80.20.100:6789 session lost, hunting for new mon
+ [Sun Apr 1 23:38:37 2018] libceph: mon2 10.80.20.103:6789 session established
+ [Sun Apr 1 23:39:08 2018] libceph: mon2 10.80.20.103:6789 session lost, hunting for new mon
+
+The regular keepalive interval is 10 seconds. After ->hunting is
+cleared in finish_hunting(), call __schedule_delayed() to ensure we
+send out a keepalive after 10 seconds.
+
+Cc: stable@vger.kernel.org # 4.7+
+Link: http://tracker.ceph.com/issues/23537
+Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
+Reviewed-by: Jason Dillaman <dillaman@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/ceph/mon_client.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/ceph/mon_client.c
++++ b/net/ceph/mon_client.c
+@@ -1133,6 +1133,7 @@ static void finish_hunting(struct ceph_m
+ monc->hunting = false;
+ monc->had_a_connection = true;
+ un_backoff(monc);
++ __schedule_delayed(monc);
+ }
+ }
+
--- /dev/null
+From facb9f6eba3df4e8027301cc0e514dc582a1b366 Mon Sep 17 00:00:00 2001
+From: Ilya Dryomov <idryomov@gmail.com>
+Date: Mon, 23 Apr 2018 15:25:10 +0200
+Subject: libceph: un-backoff on tick when we have a authenticated session
+
+From: Ilya Dryomov <idryomov@gmail.com>
+
+commit facb9f6eba3df4e8027301cc0e514dc582a1b366 upstream.
+
+This means that if we do some backoff, then authenticate, and are
+healthy for an extended period of time, a subsequent failure won't
+leave us starting our hunting sequence with a large backoff.
+
+Mirrors ceph.git commit d466bc6e66abba9b464b0b69687cf45c9dccf383.
+
+Cc: stable@vger.kernel.org # 4.7+
+Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
+Reviewed-by: Jason Dillaman <dillaman@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/ceph/mon_client.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+--- a/net/ceph/mon_client.c
++++ b/net/ceph/mon_client.c
+@@ -209,6 +209,14 @@ static void reopen_session(struct ceph_m
+ __open_session(monc);
+ }
+
++static void un_backoff(struct ceph_mon_client *monc)
++{
++ monc->hunt_mult /= 2; /* reduce by 50% */
++ if (monc->hunt_mult < 1)
++ monc->hunt_mult = 1;
++ dout("%s hunt_mult now %d\n", __func__, monc->hunt_mult);
++}
++
+ /*
+ * Reschedule delayed work timer.
+ */
+@@ -963,6 +971,7 @@ static void delayed_work(struct work_str
+ if (!monc->hunting) {
+ ceph_con_keepalive(&monc->con);
+ __validate_auth(monc);
++ un_backoff(monc);
+ }
+
+ if (is_auth &&
+@@ -1123,9 +1132,7 @@ static void finish_hunting(struct ceph_m
+ dout("%s found mon%d\n", __func__, monc->cur_mon);
+ monc->hunting = false;
+ monc->had_a_connection = true;
+- monc->hunt_mult /= 2; /* reduce by 50% */
+- if (monc->hunt_mult < 1)
+- monc->hunt_mult = 1;
++ un_backoff(monc);
+ }
+ }
+
--- /dev/null
+From 9c55ad1c214d9f8c4594ac2c3fa392c1c32431a7 Mon Sep 17 00:00:00 2001
+From: Ilya Dryomov <idryomov@gmail.com>
+Date: Tue, 24 Apr 2018 19:10:55 +0200
+Subject: libceph: validate con->state at the top of try_write()
+
+From: Ilya Dryomov <idryomov@gmail.com>
+
+commit 9c55ad1c214d9f8c4594ac2c3fa392c1c32431a7 upstream.
+
+ceph_con_workfn() validates con->state before calling try_read() and
+then try_write(). However, try_read() temporarily releases con->mutex,
+notably in process_message() and ceph_con_in_msg_alloc(), opening the
+window for ceph_con_close() to sneak in, close the connection and
+release con->sock. When try_write() is called on the assumption that
+con->state is still valid (i.e. not STANDBY or CLOSED), a NULL sock
+gets passed to the networking stack:
+
+ BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
+ IP: selinux_socket_sendmsg+0x5/0x20
+
+Make sure con->state is valid at the top of try_write() and add an
+explicit BUG_ON for this, similar to try_read().
+
+Cc: stable@vger.kernel.org
+Link: https://tracker.ceph.com/issues/23706
+Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
+Reviewed-by: Jason Dillaman <dillaman@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/ceph/messenger.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+--- a/net/ceph/messenger.c
++++ b/net/ceph/messenger.c
+@@ -2530,6 +2530,11 @@ static int try_write(struct ceph_connect
+ int ret = 1;
+
+ dout("try_write start %p state %lu\n", con, con->state);
++ if (con->state != CON_STATE_PREOPEN &&
++ con->state != CON_STATE_CONNECTING &&
++ con->state != CON_STATE_NEGOTIATING &&
++ con->state != CON_STATE_OPEN)
++ return 0;
+
+ more:
+ dout("try_write out_kvec_bytes %d\n", con->out_kvec_bytes);
+@@ -2555,6 +2560,8 @@ more:
+ }
+
+ more_kvec:
++ BUG_ON(!con->sock);
++
+ /* kvec data queued? */
+ if (con->out_kvec_left) {
+ ret = write_partial_kvec(con);
--- /dev/null
+From 854e55ad289ef8888e7991f0ada85d5846f5afb9 Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+Date: Thu, 15 Mar 2018 22:11:54 -0500
+Subject: objtool, perf: Fix GCC 8 -Wrestrict error
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+
+commit 854e55ad289ef8888e7991f0ada85d5846f5afb9 upstream.
+
+Starting with recent GCC 8 builds, objtool and perf fail to build with
+the following error:
+
+ ../str_error_r.c: In function ‘str_error_r’:
+ ../str_error_r.c:25:3: error: passing argument 1 to restrict-qualified parameter aliases with argument 5 [-Werror=restrict]
+ snprintf(buf, buflen, "INTERNAL ERROR: strerror_r(%d, %p, %zd)=%d", errnum, buf, buflen, err);
+
+The code seems harmless, but there's probably no benefit in printing the
+'buf' pointer in this situation anyway, so just remove it to make GCC
+happy.
+
+Reported-by: Laura Abbott <labbott@redhat.com>
+Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Tested-by: Laura Abbott <labbott@redhat.com>
+Cc: Adrian Hunter <adrian.hunter@intel.com>
+Cc: Jiri Olsa <jolsa@kernel.org>
+Cc: Namhyung Kim <namhyung@kernel.org>
+Cc: Wang Nan <wangnan0@huawei.com>
+Link: http://lkml.kernel.org/r/20180316031154.juk2uncs7baffctp@treble
+Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
+Cc: Fredrik Schön <fredrikschon@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/lib/str_error_r.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/tools/lib/str_error_r.c
++++ b/tools/lib/str_error_r.c
+@@ -22,6 +22,6 @@ char *str_error_r(int errnum, char *buf,
+ {
+ int err = strerror_r(errnum, buf, buflen);
+ if (err)
+- snprintf(buf, buflen, "INTERNAL ERROR: strerror_r(%d, %p, %zd)=%d", errnum, buf, buflen, err);
++ snprintf(buf, buflen, "INTERNAL ERROR: strerror_r(%d, [buf], %zd)=%d", errnum, buflen, err);
+ return buf;
+ }
--- /dev/null
+From 660661afcd40ed7f515ef3369721ed58e80c0fc5 Mon Sep 17 00:00:00 2001
+From: Victor Gu <xigu@marvell.com>
+Date: Fri, 6 Apr 2018 16:55:31 +0200
+Subject: PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
+
+From: Victor Gu <xigu@marvell.com>
+
+commit 660661afcd40ed7f515ef3369721ed58e80c0fc5 upstream.
+
+The PCI configuration space read/write functions were special casing
+the situation where PCI_SLOT(devfn) != 0, and returned
+PCIBIOS_DEVICE_NOT_FOUND in this case.
+
+However, while this is what is intended for the root bus, it is not
+intended for the child busses, as it prevents discovering devices with
+PCI_SLOT(x) != 0. Therefore, we return PCIBIOS_DEVICE_NOT_FOUND only
+if we're on the root bus.
+
+Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver")
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Victor Gu <xigu@marvell.com>
+Reviewed-by: Wilson Ding <dingwei@marvell.com>
+Reviewed-by: Nadav Haklai <nadavh@marvell.com>
+[Thomas: tweak commit log.]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/host/pci-aardvark.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/pci/host/pci-aardvark.c
++++ b/drivers/pci/host/pci-aardvark.c
+@@ -440,7 +440,7 @@ static int advk_pcie_rd_conf(struct pci_
+ u32 reg;
+ int ret;
+
+- if (PCI_SLOT(devfn) != 0) {
++ if ((bus->number == pcie->root_bus_nr) && PCI_SLOT(devfn) != 0) {
+ *val = 0xffffffff;
+ return PCIBIOS_DEVICE_NOT_FOUND;
+ }
+@@ -494,7 +494,7 @@ static int advk_pcie_wr_conf(struct pci_
+ int offset;
+ int ret;
+
+- if (PCI_SLOT(devfn) != 0)
++ if ((bus->number == pcie->root_bus_nr) && PCI_SLOT(devfn) != 0)
+ return PCIBIOS_DEVICE_NOT_FOUND;
+
+ if (where % size)
--- /dev/null
+From fc31c4e347c9dad50544d01d5ee98b22c7df88bb Mon Sep 17 00:00:00 2001
+From: Evan Wang <xswang@marvell.com>
+Date: Fri, 6 Apr 2018 16:55:34 +0200
+Subject: PCI: aardvark: Fix PCIe Max Read Request Size setting
+
+From: Evan Wang <xswang@marvell.com>
+
+commit fc31c4e347c9dad50544d01d5ee98b22c7df88bb upstream.
+
+There is an obvious typo issue in the definition of the PCIe maximum
+read request size: a bit shift is directly used as a value, while it
+should be used to shift the correct value.
+
+Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver")
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Evan Wang <xswang@marvell.com>
+Reviewed-by: Victor Gu <xigu@marvell.com>
+Reviewed-by: Nadav Haklai <nadavh@marvell.com>
+[Thomas: tweak commit log.]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/host/pci-aardvark.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/drivers/pci/host/pci-aardvark.c
++++ b/drivers/pci/host/pci-aardvark.c
+@@ -32,6 +32,7 @@
+ #define PCIE_CORE_DEV_CTRL_STATS_MAX_PAYLOAD_SZ_SHIFT 5
+ #define PCIE_CORE_DEV_CTRL_STATS_SNOOP_DISABLE (0 << 11)
+ #define PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT 12
++#define PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SZ 0x2
+ #define PCIE_CORE_LINK_CTRL_STAT_REG 0xd0
+ #define PCIE_CORE_LINK_L0S_ENTRY BIT(0)
+ #define PCIE_CORE_LINK_TRAINING BIT(5)
+@@ -298,7 +299,8 @@ static void advk_pcie_setup_hw(struct ad
+ reg = PCIE_CORE_DEV_CTRL_STATS_RELAX_ORDER_DISABLE |
+ (7 << PCIE_CORE_DEV_CTRL_STATS_MAX_PAYLOAD_SZ_SHIFT) |
+ PCIE_CORE_DEV_CTRL_STATS_SNOOP_DISABLE |
+- PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT;
++ (PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SZ <<
++ PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT);
+ advk_writel(pcie, reg, PCIE_CORE_DEV_CTRL_STATS_REG);
+
+ /* Program PCIe Control 2 to disable strict ordering */
--- /dev/null
+From 4fa3999ee672c54a5498ce98e20fe3fdf9c1cbb4 Mon Sep 17 00:00:00 2001
+From: Victor Gu <xigu@marvell.com>
+Date: Fri, 6 Apr 2018 16:55:32 +0200
+Subject: PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
+
+From: Victor Gu <xigu@marvell.com>
+
+commit 4fa3999ee672c54a5498ce98e20fe3fdf9c1cbb4 upstream.
+
+When setting the PIO_ADDR_LS register during a configuration read, we
+were properly passing the device number, function number and register
+number, but not the bus number, causing issues when reading the
+configuration of PCIe devices.
+
+Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver")
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Victor Gu <xigu@marvell.com>
+Reviewed-by: Wilson Ding <dingwei@marvell.com>
+Reviewed-by: Nadav Haklai <nadavh@marvell.com>
+[Thomas: tweak commit log.]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/host/pci-aardvark.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+--- a/drivers/pci/host/pci-aardvark.c
++++ b/drivers/pci/host/pci-aardvark.c
+@@ -175,8 +175,6 @@
+ #define PCIE_CONFIG_WR_TYPE0 0xa
+ #define PCIE_CONFIG_WR_TYPE1 0xb
+
+-/* PCI_BDF shifts 8bit, so we need extra 4bit shift */
+-#define PCIE_BDF(dev) (dev << 4)
+ #define PCIE_CONF_BUS(bus) (((bus) & 0xff) << 20)
+ #define PCIE_CONF_DEV(dev) (((dev) & 0x1f) << 15)
+ #define PCIE_CONF_FUNC(fun) (((fun) & 0x7) << 12)
+@@ -459,7 +457,7 @@ static int advk_pcie_rd_conf(struct pci_
+ advk_writel(pcie, reg, PIO_CTRL);
+
+ /* Program the address registers */
+- reg = PCIE_BDF(devfn) | PCIE_CONF_REG(where);
++ reg = PCIE_CONF_ADDR(bus->number, devfn, where);
+ advk_writel(pcie, reg, PIO_ADDR_LS);
+ advk_writel(pcie, 0, PIO_ADDR_MS);
+
--- /dev/null
+From 3430f924a62905891c8fa9a3b97ea52007795bc3 Mon Sep 17 00:00:00 2001
+From: Victor Gu <xigu@marvell.com>
+Date: Fri, 6 Apr 2018 16:55:33 +0200
+Subject: PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode
+
+From: Victor Gu <xigu@marvell.com>
+
+commit 3430f924a62905891c8fa9a3b97ea52007795bc3 upstream.
+
+The Aardvark has two interrupts sets:
+
+ - first set is bit[23:16] of PCIe ISR 0 register(RD0074840h)
+
+ - second set is bit[11:8] of PCIe ISR 1 register(RD0074848h)
+
+Only one set should be used, while another set should be masked.
+
+The second set, ISR1, is more advanced, the Legacy INT_X status bit is
+asserted once Assert_INTX message is received, and de-asserted after
+Deassert_INTX message is received which matches what the driver is
+currently doing in the ->irq_mask() and ->irq_unmask() functions.
+
+The ISR0 requires additional work to deassert the interrupt, which the
+driver does not currently implement, therefore it needs fixing.
+
+Update the driver to use ISR1 register set, fixing current
+implementation.
+
+Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver")
+Link: https://bugzilla.kernel.org/show_bug.cgi?id=196339
+Signed-off-by: Victor Gu <xigu@marvell.com>
+[Thomas: tweak commit log.]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+[lorenzo.pieralisi@arm.com: updated the commit log]
+Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
+Reviewed-by: Evan Wang <xswang@marvell.com>
+Reviewed-by: Nadav Haklai <nadavh@marvell.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/pci/host/pci-aardvark.c | 43 +++++++++++++++++++++++-----------------
+ 1 file changed, 25 insertions(+), 18 deletions(-)
+
+--- a/drivers/pci/host/pci-aardvark.c
++++ b/drivers/pci/host/pci-aardvark.c
+@@ -103,7 +103,8 @@
+ #define PCIE_ISR1_MASK_REG (CONTROL_BASE_ADDR + 0x4C)
+ #define PCIE_ISR1_POWER_STATE_CHANGE BIT(4)
+ #define PCIE_ISR1_FLUSH BIT(5)
+-#define PCIE_ISR1_ALL_MASK GENMASK(5, 4)
++#define PCIE_ISR1_INTX_ASSERT(val) BIT(8 + (val))
++#define PCIE_ISR1_ALL_MASK GENMASK(11, 4)
+ #define PCIE_MSI_ADDR_LOW_REG (CONTROL_BASE_ADDR + 0x50)
+ #define PCIE_MSI_ADDR_HIGH_REG (CONTROL_BASE_ADDR + 0x54)
+ #define PCIE_MSI_STATUS_REG (CONTROL_BASE_ADDR + 0x58)
+@@ -610,9 +611,9 @@ static void advk_pcie_irq_mask(struct ir
+ irq_hw_number_t hwirq = irqd_to_hwirq(d);
+ u32 mask;
+
+- mask = advk_readl(pcie, PCIE_ISR0_MASK_REG);
+- mask |= PCIE_ISR0_INTX_ASSERT(hwirq);
+- advk_writel(pcie, mask, PCIE_ISR0_MASK_REG);
++ mask = advk_readl(pcie, PCIE_ISR1_MASK_REG);
++ mask |= PCIE_ISR1_INTX_ASSERT(hwirq);
++ advk_writel(pcie, mask, PCIE_ISR1_MASK_REG);
+ }
+
+ static void advk_pcie_irq_unmask(struct irq_data *d)
+@@ -621,9 +622,9 @@ static void advk_pcie_irq_unmask(struct
+ irq_hw_number_t hwirq = irqd_to_hwirq(d);
+ u32 mask;
+
+- mask = advk_readl(pcie, PCIE_ISR0_MASK_REG);
+- mask &= ~PCIE_ISR0_INTX_ASSERT(hwirq);
+- advk_writel(pcie, mask, PCIE_ISR0_MASK_REG);
++ mask = advk_readl(pcie, PCIE_ISR1_MASK_REG);
++ mask &= ~PCIE_ISR1_INTX_ASSERT(hwirq);
++ advk_writel(pcie, mask, PCIE_ISR1_MASK_REG);
+ }
+
+ static int advk_pcie_irq_map(struct irq_domain *h,
+@@ -766,29 +767,35 @@ static void advk_pcie_handle_msi(struct
+
+ static void advk_pcie_handle_int(struct advk_pcie *pcie)
+ {
+- u32 val, mask, status;
++ u32 isr0_val, isr0_mask, isr0_status;
++ u32 isr1_val, isr1_mask, isr1_status;
+ int i, virq;
+
+- val = advk_readl(pcie, PCIE_ISR0_REG);
+- mask = advk_readl(pcie, PCIE_ISR0_MASK_REG);
+- status = val & ((~mask) & PCIE_ISR0_ALL_MASK);
+-
+- if (!status) {
+- advk_writel(pcie, val, PCIE_ISR0_REG);
++ isr0_val = advk_readl(pcie, PCIE_ISR0_REG);
++ isr0_mask = advk_readl(pcie, PCIE_ISR0_MASK_REG);
++ isr0_status = isr0_val & ((~isr0_mask) & PCIE_ISR0_ALL_MASK);
++
++ isr1_val = advk_readl(pcie, PCIE_ISR1_REG);
++ isr1_mask = advk_readl(pcie, PCIE_ISR1_MASK_REG);
++ isr1_status = isr1_val & ((~isr1_mask) & PCIE_ISR1_ALL_MASK);
++
++ if (!isr0_status && !isr1_status) {
++ advk_writel(pcie, isr0_val, PCIE_ISR0_REG);
++ advk_writel(pcie, isr1_val, PCIE_ISR1_REG);
+ return;
+ }
+
+ /* Process MSI interrupts */
+- if (status & PCIE_ISR0_MSI_INT_PENDING)
++ if (isr0_status & PCIE_ISR0_MSI_INT_PENDING)
+ advk_pcie_handle_msi(pcie);
+
+ /* Process legacy interrupts */
+ for (i = 0; i < PCI_NUM_INTX; i++) {
+- if (!(status & PCIE_ISR0_INTX_ASSERT(i)))
++ if (!(isr1_status & PCIE_ISR1_INTX_ASSERT(i)))
+ continue;
+
+- advk_writel(pcie, PCIE_ISR0_INTX_ASSERT(i),
+- PCIE_ISR0_REG);
++ advk_writel(pcie, PCIE_ISR1_INTX_ASSERT(i),
++ PCIE_ISR1_REG);
+
+ virq = irq_find_mapping(pcie->irq_domain, i);
+ generic_handle_irq(virq);
--- /dev/null
+From fb5924fddf9ee31db04da7ad4e8c3434a387101b Mon Sep 17 00:00:00 2001
+From: Balbir Singh <bsingharora@gmail.com>
+Date: Fri, 6 Apr 2018 15:24:23 +1000
+Subject: powerpc/mm: Flush cache on memory hot(un)plug
+
+From: Balbir Singh <bsingharora@gmail.com>
+
+commit fb5924fddf9ee31db04da7ad4e8c3434a387101b upstream.
+
+This patch adds support for flushing potentially dirty cache lines
+when memory is hot-plugged/hot-un-plugged. The support is currently
+limited to 64 bit systems.
+
+The bug was exposed when mappings for a device were actually
+hot-unplugged and plugged in back later. A similar issue was observed
+during the development of memtrace, but memtrace does it's own
+flushing of region via a custom routine.
+
+These patches do a flush both on hotplug/unplug to clear any stale
+data in the cache w.r.t mappings, there is a small race window where a
+clean cache line may be created again just prior to tearing down the
+mapping.
+
+The patches were tested by disabling the flush routines in memtrace
+and doing I/O on the trace file. The system immediately
+checkstops (quite reliablly if prior to the hot-unplug of the memtrace
+region, we memset the regions we are about to hot unplug). After these
+patches no custom flushing is needed in the memtrace code.
+
+Fixes: 9d5171a8f248 ("powerpc/powernv: Enable removal of memory for in memory tracing")
+Cc: stable@vger.kernel.org # v4.14+
+Signed-off-by: Balbir Singh <bsingharora@gmail.com>
+Acked-by: Reza Arbab <arbab@linux.ibm.com>
+Reviewed-by: Rashmica Gupta <rashmica.g@gmail.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/powerpc/mm/mem.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/powerpc/mm/mem.c
++++ b/arch/powerpc/mm/mem.c
+@@ -143,6 +143,7 @@ int arch_add_memory(int nid, u64 start,
+ start, start + size, rc);
+ return -EFAULT;
+ }
++ flush_inval_dcache_range(start, start + size);
+
+ return __add_pages(nid, start_pfn, nr_pages, want_memblock);
+ }
+@@ -171,6 +172,7 @@ int arch_remove_memory(u64 start, u64 si
+
+ /* Remove htab bolted mappings for this section of memory */
+ start = (unsigned long)__va(start);
++ flush_inval_dcache_range(start, start + size);
+ ret = remove_section_mapping(start, start + size);
+
+ /* Ensure all vmalloc mappings are flushed in case they also
--- /dev/null
+From d0cf9b561ca97d5245bb9e0c4774b7fadd897d67 Mon Sep 17 00:00:00 2001
+From: Alistair Popple <alistair@popple.id.au>
+Date: Tue, 17 Apr 2018 19:11:28 +1000
+Subject: powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large address range
+
+From: Alistair Popple <alistair@popple.id.au>
+
+commit d0cf9b561ca97d5245bb9e0c4774b7fadd897d67 upstream.
+
+The NPU has a limited number of address translation shootdown (ATSD)
+registers and the GPU has limited bandwidth to process ATSDs. This can
+result in contention of ATSD registers leading to soft lockups on some
+threads, particularly when invalidating a large address range in
+pnv_npu2_mn_invalidate_range().
+
+At some threshold it becomes more efficient to flush the entire GPU
+TLB for the given MM context (PID) than individually flushing each
+address in the range. This patch will result in ranges greater than
+2MB being converted from 32+ ATSDs into a single ATSD which will flush
+the TLB for the given PID on each GPU.
+
+Fixes: 1ab66d1fbada ("powerpc/powernv: Introduce address translation services for Nvlink2")
+Cc: stable@vger.kernel.org # v4.12+
+Signed-off-by: Alistair Popple <alistair@popple.id.au>
+Acked-by: Balbir Singh <bsingharora@gmail.com>
+Tested-by: Balbir Singh <bsingharora@gmail.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/powerpc/platforms/powernv/npu-dma.c | 23 +++++++++++++++++++----
+ 1 file changed, 19 insertions(+), 4 deletions(-)
+
+--- a/arch/powerpc/platforms/powernv/npu-dma.c
++++ b/arch/powerpc/platforms/powernv/npu-dma.c
+@@ -34,6 +34,13 @@
+ #define npu_to_phb(x) container_of(x, struct pnv_phb, npu)
+
+ /*
++ * When an address shootdown range exceeds this threshold we invalidate the
++ * entire TLB on the GPU for the given PID rather than each specific address in
++ * the range.
++ */
++#define ATSD_THRESHOLD (2*1024*1024)
++
++/*
+ * Other types of TCE cache invalidation are not functional in the
+ * hardware.
+ */
+@@ -621,11 +628,19 @@ static void pnv_npu2_mn_invalidate_range
+ struct npu_context *npu_context = mn_to_npu_context(mn);
+ unsigned long address;
+
+- for (address = start; address < end; address += PAGE_SIZE)
+- mmio_invalidate(npu_context, 1, address, false);
++ if (end - start > ATSD_THRESHOLD) {
++ /*
++ * Just invalidate the entire PID if the address range is too
++ * large.
++ */
++ mmio_invalidate(npu_context, 0, 0, true);
++ } else {
++ for (address = start; address < end; address += PAGE_SIZE)
++ mmio_invalidate(npu_context, 1, address, false);
+
+- /* Do the flush only on the final addess == end */
+- mmio_invalidate(npu_context, 1, address, true);
++ /* Do the flush only on the final addess == end */
++ mmio_invalidate(npu_context, 1, address, true);
++ }
+ }
+
+ static const struct mmu_notifier_ops nv_nmmu_notifier_ops = {
--- /dev/null
+From 682e6b4da5cbe8e9a53f979a58c2a9d7dc997175 Mon Sep 17 00:00:00 2001
+From: Nicholas Piggin <npiggin@gmail.com>
+Date: Tue, 10 Apr 2018 21:49:32 +1000
+Subject: rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
+
+From: Nicholas Piggin <npiggin@gmail.com>
+
+commit 682e6b4da5cbe8e9a53f979a58c2a9d7dc997175 upstream.
+
+The OPAL RTC driver does not sleep in case it gets OPAL_BUSY or
+OPAL_BUSY_EVENT from firmware, which causes large scheduling
+latencies, up to 50 seconds have been observed here when RTC stops
+responding (BMC reboot can do it).
+
+Fix this by converting it to the standard form OPAL_BUSY loop that
+sleeps.
+
+Fixes: 628daa8d5abf ("powerpc/powernv: Add RTC and NVRAM support plus RTAS fallbacks")
+Cc: stable@vger.kernel.org # v3.2+
+Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
+Acked-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/powerpc/platforms/powernv/opal-rtc.c | 8 ++++--
+ drivers/rtc/rtc-opal.c | 37 ++++++++++++++++++------------
+ 2 files changed, 28 insertions(+), 17 deletions(-)
+
+--- a/arch/powerpc/platforms/powernv/opal-rtc.c
++++ b/arch/powerpc/platforms/powernv/opal-rtc.c
+@@ -48,10 +48,12 @@ unsigned long __init opal_get_boot_time(
+
+ while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) {
+ rc = opal_rtc_read(&__y_m_d, &__h_m_s_ms);
+- if (rc == OPAL_BUSY_EVENT)
++ if (rc == OPAL_BUSY_EVENT) {
++ mdelay(OPAL_BUSY_DELAY_MS);
+ opal_poll_events(NULL);
+- else if (rc == OPAL_BUSY)
+- mdelay(10);
++ } else if (rc == OPAL_BUSY) {
++ mdelay(OPAL_BUSY_DELAY_MS);
++ }
+ }
+ if (rc != OPAL_SUCCESS)
+ return 0;
+--- a/drivers/rtc/rtc-opal.c
++++ b/drivers/rtc/rtc-opal.c
+@@ -57,7 +57,7 @@ static void tm_to_opal(struct rtc_time *
+
+ static int opal_get_rtc_time(struct device *dev, struct rtc_time *tm)
+ {
+- long rc = OPAL_BUSY;
++ s64 rc = OPAL_BUSY;
+ int retries = 10;
+ u32 y_m_d;
+ u64 h_m_s_ms;
+@@ -66,13 +66,17 @@ static int opal_get_rtc_time(struct devi
+
+ while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) {
+ rc = opal_rtc_read(&__y_m_d, &__h_m_s_ms);
+- if (rc == OPAL_BUSY_EVENT)
++ if (rc == OPAL_BUSY_EVENT) {
++ msleep(OPAL_BUSY_DELAY_MS);
+ opal_poll_events(NULL);
+- else if (retries-- && (rc == OPAL_HARDWARE
+- || rc == OPAL_INTERNAL_ERROR))
+- msleep(10);
+- else if (rc != OPAL_BUSY && rc != OPAL_BUSY_EVENT)
+- break;
++ } else if (rc == OPAL_BUSY) {
++ msleep(OPAL_BUSY_DELAY_MS);
++ } else if (rc == OPAL_HARDWARE || rc == OPAL_INTERNAL_ERROR) {
++ if (retries--) {
++ msleep(10); /* Wait 10ms before retry */
++ rc = OPAL_BUSY; /* go around again */
++ }
++ }
+ }
+
+ if (rc != OPAL_SUCCESS)
+@@ -87,21 +91,26 @@ static int opal_get_rtc_time(struct devi
+
+ static int opal_set_rtc_time(struct device *dev, struct rtc_time *tm)
+ {
+- long rc = OPAL_BUSY;
++ s64 rc = OPAL_BUSY;
+ int retries = 10;
+ u32 y_m_d = 0;
+ u64 h_m_s_ms = 0;
+
+ tm_to_opal(tm, &y_m_d, &h_m_s_ms);
++
+ while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) {
+ rc = opal_rtc_write(y_m_d, h_m_s_ms);
+- if (rc == OPAL_BUSY_EVENT)
++ if (rc == OPAL_BUSY_EVENT) {
++ msleep(OPAL_BUSY_DELAY_MS);
+ opal_poll_events(NULL);
+- else if (retries-- && (rc == OPAL_HARDWARE
+- || rc == OPAL_INTERNAL_ERROR))
+- msleep(10);
+- else if (rc != OPAL_BUSY && rc != OPAL_BUSY_EVENT)
+- break;
++ } else if (rc == OPAL_BUSY) {
++ msleep(OPAL_BUSY_DELAY_MS);
++ } else if (rc == OPAL_HARDWARE || rc == OPAL_INTERNAL_ERROR) {
++ if (retries--) {
++ msleep(10); /* Wait 10ms before retry */
++ rc = OPAL_BUSY; /* go around again */
++ }
++ }
+ }
+
+ return rc == OPAL_SUCCESS ? 0 : -EIO;
scsi-sd-defer-spinning-up-drive-while-sanitize-is-in-progress.patch
bfq-iosched-ensure-to-clear-bic-bfqq-pointers-when-preparing-request.patch
vfio-ccw-process-ssch-with-interrupts-disabled.patch
+android-binder-prevent-transactions-into-own-process.patch
+pci-aardvark-fix-logic-in-advk_pcie_-rd-wr-_conf.patch
+pci-aardvark-set-pio_addr_ls-correctly-in-advk_pcie_rd_conf.patch
+pci-aardvark-use-isr1-instead-of-isr0-interrupt-in-legacy-irq-mode.patch
+pci-aardvark-fix-pcie-max-read-request-size-setting.patch
+arm-amba-make-driver_override-output-consistent-with-other-buses.patch
+arm-amba-fix-race-condition-with-driver_override.patch
+arm-amba-don-t-read-past-the-end-of-sysfs-driver_override-buffer.patch
+arm-socfpga_defconfig-remove-qspi-sector-4k-size-force.patch
+kvm-arm-arm64-close-vmid-generation-race.patch
+powerpc-mm-flush-cache-on-memory-hot-un-plug.patch
+powerpc-powernv-npu-do-a-pid-gpu-tlb-flush-when-invalidating-a-large-address-range.patch
+crypto-drbg-set-freed-buffers-to-null.patch
+asoc-fsl_esai-fix-divisor-calculation-failure-at-lower-ratio.patch
+libceph-un-backoff-on-tick-when-we-have-a-authenticated-session.patch
+libceph-reschedule-a-tick-in-finish_hunting.patch
+libceph-validate-con-state-at-the-top-of-try_write.patch
+fpga-manager-altera-ps-spi-preserve-nconfig-state.patch
+earlycon-use-a-pointer-table-to-fix-__earlycon_table-stride.patch
+cpufreq-powernv-fix-hardlockup-due-to-synchronous-smp_call-in-timer-interrupt.patch
+rtc-opal-fix-opal-rtc-driver-opal_busy-loops.patch
+drm-amdgpu-set-compute_pgm_rsrc1-for-sgpr-vgpr-clearing-shaders.patch
+drm-i915-enable-display-wa-1183-from-its-correct-spot.patch
+objtool-perf-fix-gcc-8-wrestrict-error.patch
+tools-lib-subcmd-pager.c-do-not-alias-select-params.patch
--- /dev/null
+From ad343a98e74e85aa91d844310e797f96fee6983b Mon Sep 17 00:00:00 2001
+From: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
+Date: Tue, 6 Feb 2018 15:37:52 -0800
+Subject: tools/lib/subcmd/pager.c: do not alias select() params
+
+From: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
+
+commit ad343a98e74e85aa91d844310e797f96fee6983b upstream.
+
+Use a separate fd set for select()-s exception fds param to fix the
+following gcc warning:
+
+ pager.c:36:12: error: passing argument 2 to restrict-qualified parameter aliases with argument 4 [-Werror=restrict]
+ select(1, &in, NULL, &in, NULL);
+ ^~~ ~~~
+
+Link: http://lkml.kernel.org/r/20180101105626.7168-1-sergey.senozhatsky@gmail.com
+Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
+Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Fredrik Schön <fredrikschon@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/lib/subcmd/pager.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/tools/lib/subcmd/pager.c
++++ b/tools/lib/subcmd/pager.c
+@@ -30,10 +30,13 @@ static void pager_preexec(void)
+ * have real input
+ */
+ fd_set in;
++ fd_set exception;
+
+ FD_ZERO(&in);
++ FD_ZERO(&exception);
+ FD_SET(0, &in);
+- select(1, &in, NULL, &in, NULL);
++ FD_SET(0, &exception);
++ select(1, &in, NULL, &exception, NULL);
+
+ setenv("LESS", "FRSX", 0);
+ }
projects / thirdparty / kernel / stable-queue.git / commitdiff
